First of all, due to RL time concerns,
Assuming that the forum's not destroyed by a vengeful goddess in the meantime.
That sounds like a joke, I know. But I think the joke's on me.
I happened to have the OOC board index up today when my browser crashed. So I had to reopen the page, and I wasn't logged in when it did. A thread by "Princess Luna" appeared out of nowhere:
I didn't realize the significance of that right away. (My first reaction was, "Huh, who registered that? Everybody should be making original characters - we've discouraged direct use of show canon.")
But then I logged in to my account ... and the thread vanished again. I'm a board administrator. I should be seeing everything.
I took screenshots:
Check them out side by side. The more you look, the more disturbing it gets.
My immediate thought at that point was -- okay, as cool as this is (it's kind of a compliment for someone to go through so much effort for me, you know?), I've been hacked and I need to do damage control.
I started my info-gathering by cross-referencing the post date against the Apache logs, which is when I discovered: There are no HTTP requests corresponding to "Luna's" edits. Even my own board access shows up in the Apache logs, and to scrub them would require rooting the box. In layman's terms -- someone appears to have hacked our entire server, in a very precise and subtle way, just to register a forum account behind my back.
They've been remarkably thorough. Just for one example: I can't even see their user profile (and it appears to be encrypted in the database files). Can someone who has already registered a Pony4e account go to tomorrowlands.org/pony/YaBB.pl?action=vi
At this point, I have no idea what "Luna" wants, and I'm kind of afraid to let them know that I've spotted them (hence only discussing it in my locked LJ post). Clearly they outclass me in the cracking department. This person's motives seem innocent so far, but if they get angry, they undoubtedly have the capability to take my whole website down -- and about 60 others with it.
For now, I think I need to play dumb and do some info-gathering. Any suggestions?
UPDATE, 2 a.m.: Tlands is currently down. OH GOD SHE'S HACKED IN HERE TOO. ... Except Inaki says it looks like an unrelated network issue (we've had a few in the last couple weeks), site should be fine, and is talking to the data center. In hindsight, I'm starting to wonder ...
(Update, 5/2012: Entry made public for posterity.)